From 098e9bf66fd23c10b96ea469392a299a4ec382b9 Mon Sep 17 00:00:00 2001
From: Oliver Hader <oliver@typo3.org>
Date: Tue, 22 Mar 2022 18:54:57 +0100
Subject: [PATCH] [BUGFIX] Correctly resolve instance script path

Calling a site using http://example.org/index.php/invalid/ leads to
~/index.php/whatever/ being used as internal script path, which causes
errors or internal side-effects.

This behavior seems to occur only on web-servers using Apache with
PHP-CGI or PHP-FPM, using PHP setting `cgi.fix_pathinfo = 1`.

In case `cgi.fix_pathinfo` is enabled, the current script name is
retrieved from `$_SERVER['SCRIPT_FILENAME']` instead.

Resolves: #97543
Releases: main, 11.5, 10.4
Change-Id: Ia5f6b705253d42d4fc409b90b21d0363c4b97974
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/74505
Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
---
 typo3/sysext/core/Classes/Core/Environment.php              | 5 +++++
 typo3/sysext/core/Classes/Core/SystemEnvironmentBuilder.php | 6 +++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/typo3/sysext/core/Classes/Core/Environment.php b/typo3/sysext/core/Classes/Core/Environment.php
index 8ce8c9eb3f76..33f8975684f5 100644
--- a/typo3/sysext/core/Classes/Core/Environment.php
+++ b/typo3/sysext/core/Classes/Core/Environment.php
@@ -324,6 +324,11 @@ class Environment
         return in_array(PHP_SAPI, self::$supportedCgiServerApis, true);
     }
 
+    public static function usesCgiFixPathInfo(): bool
+    {
+        return !empty(ini_get('cgi.fix_pathinfo'));
+    }
+
     /**
      * Returns the currently configured Environment information as array.
      *
diff --git a/typo3/sysext/core/Classes/Core/SystemEnvironmentBuilder.php b/typo3/sysext/core/Classes/Core/SystemEnvironmentBuilder.php
index 264cddc10f5d..527f5bfb0d28 100644
--- a/typo3/sysext/core/Classes/Core/SystemEnvironmentBuilder.php
+++ b/typo3/sysext/core/Classes/Core/SystemEnvironmentBuilder.php
@@ -313,8 +313,12 @@ class SystemEnvironmentBuilder
      */
     protected static function getPathThisScriptNonCli()
     {
+        $isCgi = Environment::isRunningOnCgiServer();
+        if ($isCgi && Environment::usesCgiFixPathInfo()) {
+            return $_SERVER['SCRIPT_FILENAME'];
+        }
         $cgiPath = $_SERVER['ORIG_PATH_TRANSLATED'] ?? $_SERVER['PATH_TRANSLATED'] ?? '';
-        if ($cgiPath && Environment::isRunningOnCgiServer()) {
+        if ($cgiPath && $isCgi) {
             return $cgiPath;
         }
         return $_SERVER['ORIG_SCRIPT_FILENAME'] ?? $_SERVER['SCRIPT_FILENAME'];
-- 
GitLab